Risk Horizon
Live

Intelligence generated by AI from public regulatory sources. Not investment or regulatory advice. Verify before relying on any output.

Signals
high·PRA · Prudential Regulation Authority

PRA Supervisory Statement SS1/23 — Model Risk Management Principles for Banks

The PRA finalised SS1/23, setting out a principles-based framework for model risk management applicable to all PRA-regulated firms. The statement introduces six core MRM principles covering model identification, validation, and governance, and treats AI/ML models as a distinct risk category requiring enhanced explainability standards.

Materiality

Horizon

Near Term

Source Type

supervisory guidance

Published

1 June 2023

AI Commentary

SS1/23 is the most comprehensive PRA model risk statement to date. The six principles align with SR 11-7 but introduce AI/ML-specific governance requirements that go further. Firms should treat this as the new baseline for UK MRM programmes, including legacy model remediation.

Related Themes

1 theme

AI Model Risk & Explainability

Technology & Digital

crystallising

Intelligence Packs

1 pack
Scenario Pack
mediumECBPRAFCA

AI Model Governance Failure in Credit Decisioning

This scenario models the financial, regulatory, and reputational consequences of a systemic failure in AI model governance within the credit decisioning function of a large retail or wholesale bank. The triggering event is a supervisory finding — or public disclosure — that AI-driven credit scoring models have produced discriminatory outcomes or are materially unexplainable under current regulatory standards. The immediate impact is a supervisory direction to suspend or remediate the affected models, with secondary impacts flowing through capital, customer remediation, and operational risk channels. The scenario is rated medium time horizon (1–3 years) because the enabling conditions — widespread AI adoption in credit, regulatory frameworks now in force, and supervisory examination programmes underway — make a triggering event probable within that window for institutions that have not achieved full AI model governance maturity. Institutions should treat this scenario as a stress test of their current model risk management programme against the ECB, PRA, and EBA explainability standards that are simultaneously in force.

Trigger Conditions

  • Material enforcement action by ECB, PRA, or FCA citing AI model unexplainability in credit decisioning, resulting in a public censure or remediation order against a significant institution
  • Documented instance of regulatory-identified algorithmic bias causing customer detriment exceeding EUR 50 million, triggering a mandatory industry-wide self-assessment across affected jurisdictions